The Data Controller is committed to the protection of your personal data, guaranteeing their security and avoiding them to be exposed to any potential event which may put their security at risk. In accordance with the EU Regulation n° 679/2016 (GDPR) - articles 13 and 14 in particular – we provide the user ("Subject") with the following information concerning the processing of their personal data.
DATA CONTROLLER CONTACT DETAILS
PURPOSE OF THE TREATMENT
In compliance with the current legislation on the protection of personal data, the Data will be stored, collected and processed by the Controller(s) for the following service purposes:
Purpose without specific consent
Identification of the best contractor
Fulfillment of taxation and accounting obligations
LAWFUL BASES FOR PROCESSING PERSONAL DATA (ART. 6)
Data processing for the aforementioned purposes is lawful, in that – as specified in art. 6 of the Regulation – it can be traced back to one of the following legal bases:
Data processing is necessary for the fulfillment of all those obligations deriving from law, regulation or other community legislation.
Data processing is necessary for the execution of a contract in which the Subject is a party of, or for the execution of pre-contractual measures adopted upon request of the Subject.
DATA RECIPIENTS OR CATEGORIES OF RECIPIENTS
For the purposes set out above, the personal data you have provided may be made accessible to:
Categories of recipients
Banks and credit institutions
Consultants and freelancers, in free or associated form
Other bodies as required by current accounting and tax regulations
TRANSFER OF PERSONAL DATA ABROAD
The Data Controller does not intend to transfer the Subject’s personal data to a country located outside the European Union or to an international organization. The Data Controller(s) guarantees from now on that, should such a transfer be necessary, this will take place in accordance with the provisions of the law applicable pursuant to art. 45 ("Transfer based on adequacy decision"), art. 46, s. 1 ("Transfer subject to adequate guarantees"), or art. 46, s. 2 (entering of standard terms and conditions as provided by the European Commission) GDPR.
PERIOD OF STORAGE OF PERSONAL DATA
The Subject’s Personal Data will be kept until they are necessary in relation to the legitimate purposes for which they were collected, unless the intention to erase them is expressly stated.
Starting from the date of termination of this relationship, personal data will be kept all the same for the fulfillment of those obligations persisting even after the termination of the agreement (Article 2220 of the Civil Code, Italian Law); for these purposes the Data Controller(s) will retain only those data necessary for the relative pursuit.
RIGHTS OF THE DATA SUBJECT
The Subject is eligible to exercise all his or her rights in compliance with what specified in GDPR provisions, and in particular the following:
• Right of access - The Data Subject shall have the right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information: purposes of processing, categories of personal data concerned and their period of storage, recipients to whom these data may be disclosed (article 15, GDPR),
• Right to rectification - The Data Subject shall have the right to obtain from the Controller, without undue delay, the rectification of inaccurate personal data concerning him or her and the right to have incomplete personal data completed (article 16, GDPR),
• Right to erasure - The Data Subject shall have the right to obtain from the Controller, without undue delay, the erasure of personal data concerning him or her, as provided in the GDPR regulation (article 17, GDPR),
• Right to restriction of processing - The Data Subject shall have the right to obtain from the controller restriction of processing, as provided in the GDPR regulation (article 18, GDPR),
• Right to data portability - The Data Subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as stated in the GDPR regulation (article 20, GDPR),
• Right to object - The Data Subject shall have the right to object to processing of personal data concerning him or her unless the Data Controller demonstrates compelling legitimate grounds for the processing which override the interests of the Data Subject (article 21, GDPR),
• Right to lodge a complaint with a supervisory authority – The Data Subject shall have the right to lodge a complaint with the Data Protection Authority (www.garanteprivacy.it).
The Subject has the right to modify or revoke the consent granted at any time, and exercise his rights by contacting the Data Controller directly via email, writing to the following address: firstname.lastname@example.org
METHODS OF DATA PROCESSING
The processing of the Subject’s personal data is carried out by means of the operations stated in article 4, n° 2, GDPR - performed with or without the aid of computer systems - namely: collection, registration, organization, structuring, updating, storage, adaptation or modification, extraction and analysis, consultation, use, communication by transmission, comparison, interconnection, limitation, erasure or destruction.
At any rate, the logical and physical security of your data and, in general, the confidentiality of the personal data processed will be guaranteed, by implementing all the measures – both technical and organizational – needed to guarantee their safety.